14:00:10 <whoami-rajat> #startmeeting cinder 14:00:10 <opendevmeet> Meeting started Wed Feb 15 14:00:10 2023 UTC and is due to finish in 60 minutes. The chair is whoami-rajat. Information about MeetBot at http://wiki.debian.org/MeetBot. 14:00:10 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 14:00:10 <opendevmeet> The meeting name has been set to 'cinder' 14:00:12 <whoami-rajat> #topic roll call 14:00:23 <roquej> hello Rajat 14:00:23 <TusharTgite> hi 14:00:36 <jbernard> o/ 14:00:38 <simondodsley> o/ 14:00:40 <enriquetaso> hi 14:00:51 <nahimsouza[m]> o/ 14:00:53 <kgube> o/ 14:01:27 <tosky> o/ 14:01:28 <akawai> o/ 14:01:35 <eharney> hi 14:01:36 <thiagoalvoravel> o/ 14:01:49 <jungleboyj> o/ 14:01:53 <rosmaita> o/ 14:01:56 <whoami-rajat> #link https://etherpad.opendev.org/p/cinder-antelope-meetings 14:02:19 <Roamer`> o/ 14:03:12 <whoami-rajat> hello 14:03:26 <whoami-rajat> we've good amount of people around so let's get started 14:03:30 <whoami-rajat> #topic announcements 14:03:42 <whoami-rajat> I've proposed candidacy for PTL for 2023.2 (Bobcat) cycle 14:03:49 <whoami-rajat> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032102.html 14:04:02 <tosky> \o/ 14:04:11 <jungleboyj> Yay! 14:04:17 <simondodsley> +1 14:04:24 <roquej> you're the perfect candidate, I'd say Yay! 14:04:24 <enriquetaso> +1 14:04:52 <whoami-rajat> thanks everyone :) 14:05:11 <whoami-rajat> if anyone would like to become a core or PTL, they can contact me regarding it and i can help them provide guidance for the same 14:05:56 <whoami-rajat> moving on, Deadlines: Cinderclient, requirement freeze, feature freeze on 17th Feb 14:06:01 <whoami-rajat> we've a lot of deadlines this week 14:06:05 <whoami-rajat> or should i say in 2 days 14:06:14 <whoami-rajat> let's go project by project 14:06:31 <whoami-rajat> Cinderclient 14:06:38 <whoami-rajat> #link https://etherpad.opendev.org/p/cinderclient-antelope-release 14:06:51 <whoami-rajat> most of the changes are merged, thanks everyone for the reviews 14:07:00 <whoami-rajat> there is 1 patch remaining where I've suggested an alternative 14:08:03 <whoami-rajat> let's see if we get a response on that 14:08:11 <whoami-rajat> it's not critical but good to have fix in the release 14:08:31 <whoami-rajat> next, python-brick-cinderclient-ext 14:08:57 <whoami-rajat> here the gate was broken due to tox4 issues but we didn't notice because no patch was proposed during Antelope cycle 14:09:24 <whoami-rajat> currently the gate fix is merged, the requirements are updated (they were very old) 14:09:42 <whoami-rajat> I updated the release patch with new hash and few minutes ago release team approved the release patch 14:10:04 <whoami-rajat> so we should have a release by today 14:10:13 <whoami-rajat> at least this one is sorted 14:10:36 <whoami-rajat> now to the concerning part, Feature Freeze 14:10:45 <whoami-rajat> we had 12 features initially 14:10:48 <whoami-rajat> 3 are merged 14:11:01 <whoami-rajat> 9 are remaining 14:11:02 <whoami-rajat> #link https://etherpad.opendev.org/p/cinder-antelope-features 14:11:30 <whoami-rajat> 8 of them are driver features and one is related to a spec we merged this cycle 14:11:42 <whoami-rajat> but it's a nova dependent feature and last i checked, the nova patch didn't had any reviews 14:12:09 <whoami-rajat> ok i see it's been crossed out in the etherpad with the reasoning what I'm trying to explain here 14:12:52 <whoami-rajat> so we've 7 driver patches and one related to the restoring into sparse volumes 14:14:01 <whoami-rajat> the driver ones should be doable, I'm not sure about the restore one, we don't have a spec for it which seems strange but maybe it's fine 14:15:19 <whoami-rajat> anyways, what i would really like to convey is please respond quickly to the review comments 14:15:37 <whoami-rajat> I've review comments on 2 patches that aren't addressed for quite some time 14:16:00 <whoami-rajat> so if you would like the feature to be included, kindly lower the feedback time 14:16:07 <akawai> I see. 14:16:49 <whoami-rajat> that's all on the features 14:16:56 <whoami-rajat> the last one is Requirements Freeze 14:17:11 <whoami-rajat> #link https://review.opendev.org/q/(project:openstack/cinder+OR+project:openstack/os-brick)+and+status:open+and+(file:requirements.txt+OR+file:test-requirements.txt)+and+-is:wip 14:17:38 <whoami-rajat> eharney, has two changes that update the hacking version to 5.0 in os-brick and cinder 14:18:08 <whoami-rajat> my query regarding that is, the latest version mentioned in pypi is 5.0.0 so do we want the minimum and max to be same version here? 14:18:15 <whoami-rajat> #link https://pypi.org/project/hacking/#history 14:18:33 <eharney> i'm not sure i understand the concern exactly 14:19:41 <whoami-rajat> not a concern but wanted to know if is it OK to have the min version = max version? 14:20:14 <whoami-rajat> s/is it/it is 14:20:14 <eharney> yeah, just means we'll run with 5.0.x 14:20:33 <whoami-rajat> ok, then no concerns from my side 14:20:37 <rosmaita> we are running with the max version anyway 14:20:50 <rosmaita> the version specified in upper-constraints is what pip will install 14:21:07 <whoami-rajat> i don't see hacking in u-c 14:21:08 <rosmaita> i really don't understand why we specify any minima in the requirements file at all 14:21:19 <eharney> i'm not sure that's true for hacking... 14:21:21 <rosmaita> ah, well, test-only stuff is an exception, that's true 14:21:37 <eharney> it's handled differently because upgrades typically cause breakages, so we have to manually bump it up 14:23:24 <rosmaita> well, as long as we're passing with 5.0.0, no reason not to specify it 14:24:12 <whoami-rajat> I've reviewed both changes 14:24:16 <whoami-rajat> this one requires another review 14:24:18 <whoami-rajat> #link https://review.opendev.org/c/openstack/cinder/+/873406 14:24:25 <rosmaita> got it 14:24:38 <whoami-rajat> great, thanks 14:25:08 <enriquetaso> \o/ 14:25:47 <jungleboyj> whoami-rajat: Done. 14:25:58 <whoami-rajat> thanks Jay! 14:26:34 <whoami-rajat> I've sent out a mail highlighting all the review priorities mentioned here 14:26:36 <whoami-rajat> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032179.html 14:27:01 <whoami-rajat> one last thing is regarding the PTG 14:27:07 <whoami-rajat> if you haven't signed up already, please do 14:27:13 <whoami-rajat> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032182.html 14:27:16 <roquej> oh yes good catch 14:27:23 <roquej> will do 14:27:32 <whoami-rajat> cool 14:27:46 <whoami-rajat> that's all for the announcements 14:27:50 <whoami-rajat> let's move to topics 14:28:00 <whoami-rajat> #topic Vulnerability scanning 14:28:09 <whoami-rajat> I don't see happystacker around 14:28:14 <roquej> I'm here 14:28:27 <roquej> my nickname changed 14:28:30 <roquej> dkw 14:28:32 <roquej> anyway 14:28:42 <whoami-rajat> oh, good to know 14:28:52 <roquej> question is are we doing such as scan when pushing code? 14:29:17 <eharney> we have bandit, which does some 14:29:25 <roquej> what is bandit? 14:29:39 <eharney> it detects known bad patterns of python code that could be security concerns 14:29:45 <whoami-rajat> I don't think we've any guidelines in place for this, for security purpose we were working on FIPS some time ago 14:29:46 <roquej> https://wiki.openstack.org/wiki/Security/Projects/Bandit ? 14:29:58 <eharney> but most vulnerability prevention, by far, is just based on having thorough enough review 14:30:13 <roquej> it says it's no longer maintained 14:30:20 <whoami-rajat> i mean FIPS job in gate 14:30:22 <roquej> I see, nothing automatic then 14:30:29 <roquej> just based on review 14:30:46 <eharney> it's no longer maintained as an openstack project, it is still maintained 14:31:02 <roquej> do we plan to do something around this kind of scanning? Or we assume bandit + review is enough? 14:31:16 <roquej> oh I see, thls 14:31:17 <roquej> thks 14:31:30 <eharney> i'd be interested in proposals, but i think we really have to rely on review 14:31:42 <roquej> ok makes sense 14:31:56 <whoami-rajat> does anyone know what's the status of the fips work? https://review.opendev.org/c/openstack/cinder/+/790535 14:32:36 <eharney> not really, other than that i think the CI pieces still need some effort 14:32:55 <eharney> unsure if they settled on the plan fully for which OS to run them on, maybe rosmaita has info 14:33:01 <tosky> there is an effort to simplify that work, the idea is to patch devstack so that we don't need to carry the playbook into each and every repository 14:33:39 <tosky> so that we would need to just set a variable to enable fips: https://review.opendev.org/c/openstack/devstack/+/871606 14:34:06 <tosky> I'm not sure whether this means we should merge the existing proposed changes now or wait for that devstack change to merge and then adapt the code 14:34:23 <rosmaita> what's made me a bit worried about that job is that it and it's dependencies have never all been green at the same time 14:34:30 <rosmaita> at least not when i looked 14:34:51 <roquej> do we have doc about fips ? 14:35:09 <rosmaita> i think it's a community goal, should be some docs there 14:35:50 <roquej> ok 14:35:55 <tosky> https://governance.openstack.org/tc/goals/selected/fips.html 14:36:09 <roquej> excellent thank you 14:36:47 <whoami-rajat> that helped us elimiate md5 being used for security purposes, so looks useful to have 14:37:15 <whoami-rajat> but as eharney said, new proposals to strengthen security are always welcome 14:37:38 <roquej> sure, I understand 14:38:00 <whoami-rajat> good, anything else on this topic? 14:38:08 <roquej> I'm good for now 14:38:21 <whoami-rajat> cool, thanks for bringing this up 14:38:24 <whoami-rajat> let's move to next topic 14:38:31 <whoami-rajat> #topic Outreachy 2023 14:38:33 <whoami-rajat> enriquetaso, that's you 14:38:38 <enriquetaso> hey 14:38:52 <enriquetaso> jbernard is going to mentor to reduce the gap with the openstack client/sdk. If anyone is interested in co-mentor for the project please let me know! 14:39:07 <enriquetaso> #link https://etherpad.opendev.org/p/outreachy-cinder-May-2023-to-Ag-2023 14:39:11 <whoami-rajat> jbernard++ 14:39:20 <enriquetaso> The outreachy coordinator for openstack suggested that I keep the proposal really simple and then go deeper in the details of the task once the intern had been selected. 14:39:29 <enriquetaso> I have one question regarding the intern task. Are the interns going to work on testing the openstacksdk and document what are the gaps or is work to be done on the openstacksdk side? 14:39:52 <enriquetaso> *intern* 14:40:17 <whoami-rajat> so i think first part should be to fix all the issues we've noticed in openstackclient 14:40:49 <whoami-rajat> once the CLI is fully operational then we can start working on sdk to eliminate the parity and skip cinderclient completely 14:41:10 <whoami-rajat> I haven't looked into the sdk part so not sure what kind of work there is to do 14:41:23 <whoami-rajat> or if it's suitable for intern to address 14:41:41 <whoami-rajat> but I can surely help with the openstackclient part 14:41:44 <roquej> I can help if needed but not as a mentor 14:41:55 <enriquetaso> make sense.. so, first i should replace openstacksdk to openstackclient. 14:42:14 <enriquetaso> Then i need to make a list or something to make really clear what is the work 14:42:48 <whoami-rajat> that's my understanding 14:42:58 <enriquetaso> roquej, thank you! that would be helpful, usually potential interns have a lot of question, helping to reply to them is welcome 14:43:05 <enriquetaso> whoami-rajat++ 14:43:11 <roquej> I'd be glad to help 14:43:33 <enriquetaso> okay, ill update the etherpad and I think it's ready 14:43:39 <enriquetaso> thanks 14:43:54 <whoami-rajat> great, thanks for working on this enriquetaso 14:44:30 <enriquetaso> np! 14:44:56 <whoami-rajat> let's move to the last topic of the meeting 14:45:03 <whoami-rajat> #topic Skipping the tgt job on cinder-tempest-plugin 14:45:05 <whoami-rajat> tosky, that's you 14:45:22 <tosky> so: the cinder-tempest-plugin gates are blocked (sorry, missed that for a while) 14:45:37 <tosky> originally linked to the tox 4 migration, and rosmaita proposed a fix 14:46:01 <tosky> but it looks like the tgt job broke after the switch to jammy (reverting to focal it works again) 14:46:26 <tosky> there are "interesting" failures in the logs but I don't know enough to debug it 14:46:43 <tosky> now, the default has been lioadm for a while, and the tgt job is only executed on cinder-tempest-plugin 14:47:00 <tosky> I don't want to start the discussion about removing the tgt support (even thought it may be a useful topic to discuss) 14:47:15 <tosky> right now the question is: does anyone disagree making that job non-voting? 14:47:36 <tosky> if there are no disagreement, I'd kindly ask rosmaita to update https://review.opendev.org/c/openstack/cinder-tempest-plugin/+/868319 to skip it 14:47:55 <tosky> and unblock cinder-tempest-plugin, and be ready to merge tons of patches which are stuck! 14:47:57 <tosky> that's it 14:48:22 <whoami-rajat> ah, sorry I didn't notice either 14:48:25 <rosmaita> tosky: you mean switch the job to focal and make it non-voting? 14:48:33 <rosmaita> or just non-voting? 14:48:45 <tosky> I'm not sure it makes sense to switch back to focal, that's about testing runtimes 14:48:50 <tosky> we should ask a TC member 14:48:51 <tosky> uhm 14:49:11 <tosky> but yeah :) I was just thinking about switching it to non-voting for now 14:49:16 <whoami-rajat> so we should ask rosmaita or jungleboyj 14:49:18 <tosky> if it's moved to focal, it can stay voting 14:49:46 <rosmaita> well, the tempest runtime situation is weird because it's not branched 14:50:24 <whoami-rajat> where are the failures of tgt+jammy observed? on this patch? https://review.opendev.org/c/openstack/cinder-tempest-plugin/+/868319 14:50:35 <tosky> but master cinder-tempest-plugin tests master cinder 14:50:44 <tosky> so it should use jammy just like master cinder does 14:50:59 <rosmaita> https://review.opendev.org/c/openstack/cinder-tempest-plugin/+/873407 14:51:07 <tosky> if we had branch-specific jobs for the tgt job, sure, those should use focal - but that's we already do for the lioadm jobs iirc 14:51:50 <whoami-rajat> rosmaita, there the tgt job is working fine (since we switched back to focal) 14:52:24 <rosmaita> i am not having a good morning 14:52:27 <rosmaita> https://zuul.opendev.org/t/openstack/build/057dbfe2c06d4995a3c02bfe298851ce 14:52:28 <tosky> whoami-rajat: check the comments :) 14:54:14 <whoami-rajat> hmm, an iscsi login failure 14:56:48 <whoami-rajat> anyway, I don't have a strong objection on making the tgt job non-voting so we can unblock the gate and in the meantime look for ways to fix it 14:57:03 <whoami-rajat> but others can disagree 14:57:28 <tosky> ok, I'd say: please rosmaita update the patch and see if there are -1/-2 14:57:39 <rosmaita> ok, will do 14:58:19 <whoami-rajat> cool, open discussion for 2 minutes 14:58:22 <whoami-rajat> #topic open discussion 14:58:22 <tosky> thanks 14:58:41 <whoami-rajat> thanks for noticing the failing gate tosky ! 14:59:28 <roquej> nothing specific from my side, just a few bug fixes for which I require your attention 14:59:29 <inori> https://review.opendev.org/c/openstack/cinder/+/847730 I've modified the doc that is needed, so could you please have a look at this at your most convenient? 15:00:06 <TusharTgite> i've also have a bug pending can anyone take a look https://review.opendev.org/c/openstack/cinder/+/822822 15:00:51 <whoami-rajat> please focus on the review priorities of this week and also on the review request section every week 15:00:55 <whoami-rajat> we're out of time 15:00:59 <whoami-rajat> thanks everyone for joining 15:01:01 <whoami-rajat> #endmeeting